Liability for Computer Errors

advertisement
Liability for Computer Errors
Not covered in textbook
Computer errors
• A range of possible consequences
–
–
–
–
Seconds lost
Data lost
$ - $$$
Injuries and deaths
• Examples:
–
–
–
–
Disfranchised voters
False arrests
Price & billing errors
Air traffic control, airplane control
Intrinsic & Extrinsic software
• Intrinsic:
– Software that is part of a completed product
• Extrinsic:
– Loaded onto the computer or machine of the user,
user directly encounters
The Therac-25 Case
• Radiation therapy machine
• Typical system malfunctions number 40x day
The Therac-25 case cont’d
• 20 month period, overdoses to 6 patients,
directly killing 3.
• Previous models, 6 & 20
– Differences to the 25?
• Chronology of accidents
– Please see
http://computingcases.org/case_materials/therac
/supporting_docs/therac_case_narr/therac_toc.ht
ml
What was wrong with the Therac-25
programming?
• 2 modes
– X-ray: high intensity beam deflected by tungsten target
– Electron: removes tungsten & reduces beam intensity by
factor of 100
• Quickly changing* (data entry editing) between mode
resulted in electron mode not dropping the beam intensity
– * If the operator was able to edit and start < 8 seconds
• Use of a Race condition – 2 or more tasks sharing a variable,
order that each is encountered can affect behavior of the
program
– The Therac-25 no longer had the hardware safety feature
Therac 25
• Problems
–
–
–
–
No fail safe
No dose reporting
Complicated programming
Re-use of code
• Who had moral and/or legal responsibility?
– Harm shown
– Was there intent?
– Was there negligence?
• Define negligence
Extrinsic Software Failures
• With these examples, companies or
individuals are buying software for what it can
do for them.
– Disclaiming liability for problems through
warranties
Software Warranties
• Limiting liability to:
– A refund of the purchase price
– Repair of the software product
• Accepting no liability for
– Business losses arising out of the use of the
product
• Enforceability of these disclaimers?
– UCC & the Magnuson-Moss Warranty Act
– Mix of case law
Extrinsic Business Software Failures
NCR’s Warehouse Manager
• Warehouse Manager was an inventory program.
It was developed for a different operating system
than it was deployed for.
• The “deadly embrace”
• NCR continued selling it, claiming 200 successful
installs, but that was actually on other op sys.
– When problems reported, told customers that was
“unique”
NCR cont’d
• Hopper bought the system.
– Did not get honest disclosure from NCR.
• NCR sold it to him after product had been discontinued.
– Errors about inventory and pricing resulted.
• $114 item listed for 54 cents; $17 item listed as on sale
for $30.
– Hopper was operating a successful co., but after
adoption of WM income was half.
• Processes took to long & were inaccurate. Inventory
inaccuracies
NCR conclusion
• Hopper tried to sue NCR for $4.2 million.
• However, the sales agreement signed by
Hopper stated that in the event of problems,
NCR was only responsible for the original cost
of the software minus the depreciation of the
equipment.
• The agreement also had an arbitration clause,
so the court refused the case.
ProCD v. Zeidenberg
• ProCD selling mailing list generating software
– 2 prices, 1 for personal 1 for business
• Zeidenberg bought it as personal and created a
mailing list sales business using the product.
• ProCD sued saying this violated terms of the
license
• Terms not found on box but on click thru agmt
• Ct found that Zeidenberg could be held to those
terms of the click through agreement and was in
violation of the software license.
Mortenson v. Timberline Software
• Precison Bid software
• Used it and created bid $1.95 million too low
• Licensing disclaimed business losses related to
use of the software in excess of licensing fee
• Timberline was aware of bug, did not send fix
to Mortenson.
• Ct. found the Timberline was not liable b/c
licensing agmt. properly limited liability.
Download